Analytics
Notifications
Reference Data
Provider
- GETGet provider information
- PUTUpdate provider settings
- GETCheck whether Stripe can be disconnected
- POSTStart onboarding and provision Stripe account
- POSTSave provider data and start async verification
- DELDelete a person from provider and sync to Stripe
- PUTSwitch provider environment
- DELDisconnect Stripe account
- GETGet the go-live checklist for this provider
- POSTSwitch provider to live mode (validates checklist)
- POSTReset provider onboarding state (development only)
- GETGet provider documents
- POSTPost v1uiprovidersdocuments
- POSTPost v1uiprovidersdocumentsanalyze
- DELDelete a document
- GETList provider invitations
- POSTCreate user invitations
- DELRevoke an invitation
- PUTTransfer provider ownership
- PUTRemove user from provider
- PUTUpdate user role
Admin - Providers
Secret Keys
Admin - Users
User Management
Payments
- POSTCreate a payment intent
- GETGet a payment intent by id
- GETGet a checkout session by sessionId (public)
- GETGet available plans for a checkout session (public)
- POSTSelect a plan for a checkout session and create payment intent (public)
- POSTSelect a topup amount for a checkout session and create payment intent (public)
- POSTReset selected plan for checkout session and cancel payment intent (public)
- GETGet a payment session by id or sessionId
- POSTCreate a checkout session for a customer
- POSTSwitch selected product for a customer session (public)
Customer Sessions
Payment Intents
Stripe
- GETGet account requirements for a provider
- PUTUpdate payout schedule for the authenticated provider
- PUTUpdate a connected Stripe account
- GETGet the connected account for the authenticated user
- GETGet account status for the authenticated user
- POSTCreate a payment intent for the authenticated provider
- GETGet payout settings for the authenticated provider
- POSTCreate a manual payout for the authenticated provider
- GETGet payout history for the authenticated provider
- GETGet payout history for a provider (admin)
- POSTCreate a Stripe account onboarding link
- GETGet account status for a provider
Checkout Sessions
Provider Auth
- POSTSign up a new user
- POSTRequest a login code sent to email
- POSTVerify a login code and receive JWT tokens
- POSTResend a login code (rate-limited)
- POSTInitiate optional 2FA setup (requires JWT)
- POSTVerify TOTP token to complete 2FA setup
- POSTLogout user
- POSTVerify email
- POSTResend verification code
- GETGet invitation details by token
- POSTAccept user invitation
- GETInitiate Google OAuth login
- GETGoogle OAuth callback
- POSTCreate session from Google OAuth
- GETInitiate GitHub OAuth login
- GETGitHub OAuth callback
- POSTCreate session from GitHub OAuth
Provider MCP Auth
Customer OAuth Server
Customer Auth
- GETOAuth login page (Redirects to Frontend)
- POSTHandle OAuth login
- GETInitiate Google OAuth flow for Customers
- GETGoogle OAuth callback for backend-mediated flow
- POSTExchange Google code for session
- GETInitiate GitHub OAuth flow for Customers
- GETGitHub OAuth callback for backend-mediated flow
- POSTExchange GitHub code for session
- POSTRequest password reset
- POSTReset password with token
Operations Auth
Provider OAuth Clients
Provider MCP OAuth
- GETOAuth 2.0 Authorization Server Metadata (RFC 8414) for Provider MCP
- POSTDynamic Client Registration for Provider MCP (dashboard OAuth)
- GETStart Provider MCP OAuth authorization
- POSTBind authenticated provider user to Provider MCP OAuth session (after IdP login)
- POSTApprove or deny MCP client access
- GETHints for consent UI (client name, scopes)
- POSTOAuth 2.0 token endpoint (access_token is the dashboard JWT)
CLI Init Auth
Plans
Products
- GETList products
- POSTCreate a product
- GETGet a product by reference
- PUTUpdate a product
- DELDelete a product
- POSTBootstrap MCP product integration
- PUTConfigure MCP plans on an MCP product
- POSTClone a product
- GETList products for dashboard
- POSTCreate a product
- POSTCheck product name availability
- POSTPreview MCP bootstrap
- POSTBootstrap MCP product integration for UI
- PUTConfigure MCP plans on an MCP product
- GETGet a product
- PUTUpdate a product
- DELDelete a product
- POSTClone a product
- GETList plans for a product
- POSTCreate a plan within a product
- PUTUpdate a plan within a product
- DELDelete a plan from a product
Usage Analytics
Transactions
Admin Transactions
MCP Servers
MCP Discovery
MCP - Routing
UI - Purchases
Purchases
Activation
Customers
- GETList customers
- POSTCreate a new customer
- GETGet customer statistics
- GETGet customer by ID
- PUTUpdate customer
- DELDelete customer
- GETGet payment link details by reference (public endpoint)
- POSTProcess payment for a payment link (public endpoint)
- GETGet a customer session by sessionId
- POSTCreate a customer session for a customer
- GETGet customer by reference, externalRef, or email
- POSTCreate a new customer
- GETGet customer credit balance
- GETGet customer by reference
- POSTCreate a customer session
- GETGet customer session by sessionId
- GETGet current customer profile
Admin Analytics
Provider Analytics
Credits
ui:webhooks
- GETList webhook endpoints
- POSTCreate a webhook endpoint
- PUTUpdate a webhook endpoint
- DELDelete a webhook endpoint
- PATCHSet webhook endpoint status (active/disabled)
- POSTSend a test event to a webhook endpoint
- GETReveal the signing secret for a webhook endpoint
- GETList recent webhook deliveries for debugging (owner/admin only, production-gated)
webhook_endpoints
customer_webhooks
Wallet
UI Management
Preregistrations
Financials
Super Admin
- GETKey business metrics (provider/customer/purchase counts, GMV, success rate)
- GETItems requiring operator attention
- GETDaily transaction volume and payment health (last 30 days)
- GETPlatform growth charts (provider/customer growth, status breakdown)
- GETRecent audit log entries
- GETSearch user and provider accounts
- GETGet full account details
- PATCHUpdate account status (suspend/reactivate)
- POSTGenerate a deletion confirmation token
- POSTSoft-delete an account
- POSTHard-delete an account (requires confirmation token)
- POSTStart an impersonation session for a user
- POSTEnd an impersonation session
- GETView audit log
- GETGet Prometheus metrics as JSON
Super Admin - Preregistrations
Super Admin - Providers
MCP request routing
curl --request GET \
--url https://api.example.com/v1/mcps/routings \
--header 'x-original-host: <x-original-host>'MCP - Routing
MCP request routing
Internal auth-subrequest endpoint used by nginx. Validates the MCP subdomain, JWT bearer token, and tool-level purchase access before allowing the request to be proxied to the origin MCP server.
GET
/
v1
/
mcps
/
routings
MCP request routing
curl --request GET \
--url https://api.example.com/v1/mcps/routings \
--header 'x-original-host: <x-original-host>'Headers
Original Host header forwarded by nginx
Original URI forwarded by nginx
Bearer token with customerRef and providerId claims
Query Parameters
MCP JSON-RPC method (e.g. initialize, tools/list, tools/call)
Tool name for tools/call requests
JSON-RPC request ID
Response
Request authorized — nginx proxies to origin
⌘I
Assistant
Responses are generated using AI and may contain mistakes.